This document is intended to support an application developer (hands on technical programmer) during their integration with Magensa payment processing services.
\nThe integrating developer should be familiar with the concepts of Restful APIs and have a good understanding of the payment processing landscape.
\nThis set of examples is designed to get a developer up and running quickly. It is not designed to be exhaustive of all possible integration scenarios. For more advanced integration input fields, processor specific inputs and outputs, and other cases not covered here, please contact your assigned solutions architect for information.
\nIn order to fully benefit from the examples provided, the integrating developer should have a Postman account where the collection can be copied to. Create a new Postman account here: https://www.postman.com
\nThe examples include a working sample ARQC; however before the integration can be considered complete, the integrating developer should separately be able to generate their own ARQC from a MagTek card reader (if the integration calls for a MagTek card reader). If not already completed, a quickstart on working with readers can be found here: https://rms.magensa.net/TEST/Demo/
\nFurthermore, payment processors sometimes have non-standard requirements. Any such special requirements should be provided on the \"var sheet\" issued by the processor. Please contact your assigned solutions architect for assistance in such cases.
\nUnigate is Magensa's API for omni-commerce financial transaction processing, supporting both card-present and card-not-present payments via MPPG V5 or later.
\nIt simplifies development for ISVs by normalizing request and response data, securely storing transaction records, and enabling seamless integration with both MagTek and non-MagTek hardware. By making processor-specific differences invisible to the developer, the Unigate API allows ISVs to connect to multiple payment processors using a single, unified code base—modernizing and streamlining the developer experience.
\nWith Unigate, ISVs can build payment solutions faster and more efficiently, leveraging a single integration to seamlessly connect with multiple processors and hardware options.
In addition to traditional card-based transactions, Unigate also supports Apple Pay & Google Pay.
Unigate supports two \"types\" of requests:
\nInitial \"Transaction\" makes a financial request to a processor. Examples are SALE and AUTHORIZE.
\n\"ReferenceTransaction\" makes a request to take action on an existing \"Transaction\". Examples are CAPTURE, TIP ADJUST, REFUND and VOID.
\nRefer to the collections for a comprehensive list of capabilities.
\nCopy this collection to your Postman workspace using the \"Run in Postman\" button in the top right of the page (you must already be signed in to Postman for this button to show).
\nLocate your Pilot credentials on the Unigate Onboarding Worksheet.
\nNow, you need to get your credentials structured correctly to work with Unigate - these credentials will be needed for your Unigate API requests by placing them in the Authorization header of each operation. Please note that Unigate uses Basic Auth for credential formatting and authentication. There are two options for you to format the credentials: Using Basic Auth Generation or Manually - see below the instructions for each option.
b. Format them yourself (this is what must be done for production accounts).
\nThe Auth Basic field is constructed as follows:
\nThe CustomerCode and Username are concatenated with a forward slash ‘/’ and then the password is concatenated with a single colon (:).
\nThe resulting string is encoded using Base64.
\nThe authorization method and a space character (e.g. \"Basic \") is then prepended to the encoded string.
\nFor example, to authorize as
o CustomerCode: CUSTOMER000
o Username: MAGTEST000
o Password: 123456789
For Pilot you will find both the credentials and the base 64 encoded result of the credentials on your Onboarding Worksheet.
\nInitial Tests:
\nWorking samples of Unigate calls have been provided in the collection. It’s recommended to begin with EMV ARQC Sale or EMV ARQC Authorize. Combine them with your Basic Auth header to run Unigate transactions to your own Pilot account in real time.
\nTesting with a MagTek Reader: the samples in Postman have sample ARQC data already input for convenience. You can also test the output of your MagTek reader by replacing the sample ARQC (also called Authorization Request) with the ARQC output of an EMV card read from your test MagTek reader. (note that Pilot hits testing environments, nothing is being charged.)
\nEnsure you save your credentials at the top level of the collection so that they are 'inherited' by all example requests and do not need to be manually entered each time.
\nBelow are (simplified) sample processor responses. Take note of the different values each processor uses to indicate transaction status. For example, Fiserv indicates a successful approval with a \"StatusCode\": \"OK\": however TSYS uses status: \"PASS\" and Worldpay uses TransactionStatus: \"Approved\". Many of these fields are 'standardized' in the Magensa response (for example isTransactionApproved is based on the processor status), but the raw values are still provided.
Also pay attention to different date/time formats used, and different amount formats (cents vs dollars).
March 2025 update: a new data structure has been added to the response JSON witch includes a \"normalized\" version of the processor fields. For example, the Fiserv field ReturnCode is transformed to a normalized key of processorStatusCode. The TSYS field hostReferenceNumber is transformed to processorReference.
This has several benefits:
\nStandardized Output: Provides a uniform structure for all processor responses, making downstream integration easier.
\nImproved Readability: Normalized fields eliminate processor-specific inconsistencies, simplifying data consumption.
\nEase of Mapping: Developers can configure mappings dynamically using external files instead of modifying code.
\nFuture-Proofing: New processors can be onboarded with minimal effort by simply defining new mapping rules.
\nData Preservation: The approach ensures that all processor data is accessible in either raw or transformed formats, preventing information loss.
\nAggregation Support: Enables flexible field combinations (e.g., concatenating expiration date fields) for better usability.
\nReduced Processing Overhead: Avoids redundant conversions when an existing normalized field can be reused directly (e.g., authorizedAmount).
\n\"DID\": \"00012443241234679102\"\n\"ClientRef\": \"1110638VRMA044\"\n\"StatusCode\": \"OK\"\n\"ReturnCode\": \"000\"\n\"PymtType\": \"Credit\"\n\"TxnType\": \"Sale\"\n\"LocalDateTime\": \"20241107123444\"\n\"TrnmsnDateTime\": \"20241107203445\"\n\"STAN\": \"192180\"\n\"RefNum\": \"000001192179\"\n\"OrderNum\": \"01192179\"\n\"TermID\": \"00000001\"\n\"MerchID\": \"RCTST0000006128\"\n\"TxnAmt\": \"200\"\n\"TxnCrncy\": \"840\"\n\"CnvDate\": \"1107\"\n\"AcctNum\": \"544368******3455\"\n\"BanknetData\": \"1107MCC779724\"\n\"RespCode\": \"000\"\n\"AuthID\": \"613487\"\n\"AddtlRespData\": \"APPROVAL\"\n\"AthNtwkID\": \"03\"\n\"AthNtwkNm\": \"MASTERCARD\"\n\n\"status\": \"PASS\"\n\"responseCode\": \"A0000\"\n\"responseMessage\": \"Success\"\n\"authCode\": \"VTLMC1\"\n\"hostReferenceNumber\": \"431220750121\"\n\"hostResponseCode\": \"00\"\n\"taskID\": \"52469149\"\n\"transactionID\": \"51859741\"\n\"transactionTimestamp\": \"2024-11-07T12:47:16\"\n\"transactionAmount\": \"2.00\"\n\"processedAmount\": \"2.00\"\n\"totalAmount\": \"2.00\"\n\"addressVerificationCode\": \"0\"\n\"cardType\": \"M\"\n\"maskedCardNumber\": \"3455\"\n\"commercialCard\": \"0\"\n\"aci\": \"A\"\n\"cardTransactionIdentifier\": \"1212MCC111122**\"\n\"customerReceipt\": \"\"\n\"merchantReceipt\": \"\"\n\"emvIssuerScripts\": \"720C9F18040001860580CA9F3600\"\n\"emvIssuerAuthorizationCode\": \"8A020000\"\n\"emvIssuerAuthenticationData\": \"91080102030405060708\"\n\n\"ExpressResponseCode\": \"0\"\n\"ExpressResponseMessage\": \"Approved\"\n\"HostResponseCode\": \"00\"\n\"ExpressTransactionDate\": \"20241107\"\n\"ExpressTransactionTime\": \"144813\"\n\"ExpressTransactionTimezone\": \"UTC-06:00:00\"\n\"HostBatchID\": \"1859\"\n\"HostItemID\": \"37\"\n\"HostReversalQueueID\": \"431214218916\"\n\"HostBatchAmount\": \"258.19\"\n\"ExpirationMonth\": \"12\"\n\"ExpirationYear\": \"25\"\n\"CardLogo\": \"Mastercard\"\n\"EMVData\": \"kQqfLItPwJtGoQASigIwMA==\"\n\"CardNumberMasked\": \"xxxx-xxxx-xxxx-4111\"\n\"BIN\": \"541333\"\n\"TransactionID\": \"447218916\"\n\"ApprovalNumber\": \"433697\"\n\"AcquirerData\": \"........\"\n\"ProcessorName\": \"VANTIV_TEST\"\n\"TransactionStatus\": \"Approved\"\n\"TransactionStatusCode\": \"1\"\n\"HostTransactionID\": \"100000\"\n\"ApprovedAmount\": \"2.00\"\n\"NetworkTransactionID\": \"MCC000013\"\n\"PAR\": \"500109WTDBCYTBVFPP331F0GHT3XR\"\n\"RetrievalReferenceNumber\": \"431214218916\"\n\"SystemTraceAuditNumber\": \"218916\"\n\n\"LicenseId\": \"143045\"\n\"SiteId\": \"143133\"\n\"DeviceId\": \"6401226\"\n\"GatewayTxnId\": \"2040376489\"\n\"GatewayRspCode\": \"0\"\n\"GatewayRspMsg\": \"Success\"\n\"RspDT\": \"2024-11-07T14:48:44.8783806\"\n\"UniqueDeviceId\": \"8301\"\n\"x_global_transaction_id\": \"CAFC4610-2F24-4731-AEF9-D9698829B3FD\"\n\"x_global_transaction_source\": \"portico\"\n\"RspCode\": \"00\"\n\"RspText\": \"APPROVAL\"\n\"AuthCode\": \"892799\"\n\"AVSRsltCode\": \"0\"\n\"RefNbr\": \"431215834985\"\n\"CardType\": \"MC\"\n\"AVSRsltText\": \"AVS Not Requested.\"\n\"EMVIssuerResp\": \"910A7ED6C0EC6A86837A3030\"\n\"CardBrandTxnId\": \"MCC0000003111107\"\n\n\"authAmount2\": \"2.00\"\n\"authAmountRequested\": \"2.00\"\n\"authBric\": \"00DLT0BY6YZQNXF0UXR\"\n\"authCardA\": \"MCW\"\n\"authCardB\": \"DMC\"\n\"authCardC\": \"MCW\"\n\"authCardCountryCode\": \"840\"\n\"authCardCurrencyCode\": \"840\"\n\"authCardK\": \"N\"\n\"authCardType\": \"M\"\n\"authCurrencyCode\": \"840\"\n\"authMaskedAccountNumber\": \"************4111\"\n\"authPar\": \"M54133341116D963C0FBC8577FCD5\"\n\"authTranDateGMT\": \"11/07/2024 08:49:05 PM\"\n\"authTranId\": \"1107MCW035023260\"\n\"authorization\": \"009716\"\n\"localDate\": \"110724\"\n\"localTime\": \"154905\"\n\"msgVersion\": \"003\"\n\"networkResponse\": \"00\"\n\"orginalTranType\": \"CCR1\"\n\"response\": \"00\"\n\"text\": \"APPROVAL\"\n\"transaction\": \"12345\"\n\"errors\": null,\n\"bric\": \"00DLT0BY6YZQNXF0UXR\"\n\"timestamp\": \"2024-11-07T20:49:06Z\"\n\n\"industryType\": \"RE\"\n\"transType\": \"AC\"\n\"bin\": \"000002\"\n\"merchantID\": \"700000012413\"\n\"terminalID\": \"001\"\n\"cardBrand\": \"CZ\"\n\"orderID\": \"032129\"\n\"txRefNum\": \"672D286028A3F09300000FFA000030E741565374\"\n\"txRefIdx\": \"1\"\n\"respDateTime\": \"20241107155144\"\n\"procStatus\": \"0\"\n\"approvalStatus\": \"1\"\n\"respCode\": \"00\"\n\"avsRespCode\": \"\"\n\"cvvRespCode\": \"\"\n\"authorizationCode\": \"095505\"\n\"mcRecurringAdvCode\": \"\"\n\"visaVbVRespCode\": \"\"\n\"procStatusMessage\": \"Approved\"\n\"respCodeMessage\": \"\"\n\"hostRespCode\": \"00\"\n\"hostAVSRespCode\": \"\"\n\"hostCVVRespCode\": \"\"\n\"retryTrace\": \"\"\n\"retryAttempCount\": \"\"\n\"lastRetryDate\": \"\"\n\"customerRefNum\": \"\"\n\"customerName\": \"\"\n\"profileProcStatus\": \"\"\n\"profileProcStatusMsg\": \"\",\n\n\"Response_Code\": \"ND\"\n\"Issuer_Response_Code\": \"88\"\n\"Authorization_Source\": \"0\"\n\"Capture_Code\": \"0\"\n\"Approval_Code\": \"\"\n\"Authorization_Date\": \"110724\"\n\"Authorization_Time\": \"155236\"\n\"Batch_Number\": \"435\"\n\"Record_Number\": \"0\"\n\"Authorization_Response\": \"DECLINED\"\n\"Trace_Number\": \"011225\"\n\"Transaction_Reference_Nbr\": \"1107205236\"\n\"OAR_Data\": \"\"\n\"Spend_Qualifier\": \"\"\n\"Association_Name\": \"Mastercard\"\n\"_id\": \"02\"\n\"Amex_Capture_Code\": \"2\"\n\"AVS_Response\": \"\"\n\"CVV2_Response\": \"\"\n\"PS2000_Data\": \"MMCC733621 Y 1107B1\"\n\"MSDI\": \"0\"\n\"_id\": \"80\"\n\"EMV_Key_Date\": \"10162023\"\n\"ICC_CSN\": \"01\"\n\"ICC_ATC\": \"00F2\"\n\"_id\": \"86\"\n\"Authorized_Amount\": \"0\"\n\"Account_Balance_1\": \"\"\n\"Account_Balance_2\": \"0\"\n\"_id\": \"87\"\n\"Token_Value\": \"5186120508494111\"\n\"Token_Format\": \"VN\"\n\"_id\": \"8E\"\n\nSupports contact, contactless, or fallback transactions. Use this operation when an ARQC has been collected from a card reader.
\n{\n \"customerTransactionID\": \"R - Customer Defined Field up to a 256 character string\",\n \"transactionInput\": {\n \"transactionType\": \"AUTHORIZE\",\n \"amount\": \"<number>\"\n },\n \"deviceInfo\": {\n \"serialNumber\": \"<string>\",\n \"make\": \"<string>\",\n \"model\": \"<string>\",\n \"nickName\": \"<string>\"\n },\n \"dataInput\": {\n \"encryptedData\": {\n \"dataType\": \"Track2\",\n \"data\": \"<string>\",\n \"keyVariant\": \"DukptTdesDataVariant\",\n \"ksn\": \"<string>\"\n },\n \"tlvList\": \"<string>\",\n \"paymentMode\": \"MagStripe\",\n \"paymentType\": \"Credit\"\n }\n}\n\nSupports contact, contactless, or fallback transactions. Use this operation when an ARQC has been collected from a card reader.
\n{\n \"customerTransactionID\": \"R - Customer Defined Field up to a 256 character string\",\n \"transactionInput\": {\n \"transactionType\": \"AUTHORIZE\",\n \"amount\": \"<number>\"\n },\n \"deviceInfo\": {\n \"serialNumber\": \"<string>\",\n \"make\": \"<string>\",\n \"model\": \"<string>\",\n \"nickName\": \"<string>\"\n },\n \"dataInput\": {\n \"encryptedData\": {\n \"dataType\": \"Track2\",\n \"data\": \"<string>\",\n \"keyVariant\": \"DukptTdesDataVariant\",\n \"ksn\": \"<string>\"\n },\n \"tlvList\": \"<string>\",\n \"paymentMode\": \"MagStripe\",\n \"paymentType\": \"Credit\"\n }\n}\n\nThe API accepts JSON-formatted requests containing transaction details, device information, and encrypted payment data.
\ntransactionInput ObjectdeviceInfo ObjectdataInput ObjectencryptedData ObjectpaymentMode, derive the value from EMV tag DFDF520x01 = MagStripe (Data was read from the MSR stripe of a card that doesn’t have an EMV chip and was swiped in a MagTek reader)
0x05 = EMV (Data was read from the chip of an EMV card that was inserted into a MagTek reader)
0x06 = EMV (Data was read from the chip of an EMV card that was tapped on a MagTek reader)
0x07 = MagStripe (Data was read from the MSR stripe of a card that has an EMV chip and was swiped in a MagTek reader)
PayPal transactions must speciy the paymentMode
Use this operation to redeem a token to preform a financial transaction.
\n","auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"Transact using a Magensa token. Tokens may be derived from the Tokenization service, or by consuming the response from another transaction.
\nNote: The token in the example should be replaced with your own token which you will receive in the response to an \"original\" transaction. The sample token is provided for referene only, and will not process successfully (Magensa Tokens must be redeemed by the same account that created them).
\nThe API accepts JSON-formatted requests containing transaction details and a tokenized payment identifier.
\nA successful response returns a JSON object with transaction status and details.
\n","_postman_id":"8964a596-f957-4db0-bca7-b6a6c7dd7204","auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"Use this operation when encrypted card swipe Track 2 data has been collected from a card reader.
\n","auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"Transact using encrypted card data from a MagTek MSR device.
\nThe CardSwipe API enables transaction processing using encrypted card swipe data. It supports magnetic stripe card transactions with secure encryption and compliance with PCI DSS standards.
\nThe API accepts JSON-formatted requests containing transaction details and encrypted card swipe data.
\ntransactionInput ObjectcardSwipeInput ObjectencryptedCardSwipe ObjectA successful response returns a JSON object with transaction status and details.
\n","_postman_id":"8aaddbb2-9a8a-4bcd-9413-eb1036736056","auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"Use this operation when encrypted data has been collected from manual key entry on a reader.
\n","auth":{"type":"basic","basic":{"basicConfig":[{"key":"username","value":"Transact using encrypted card data manually entered in pin pad.
\n